Cross-Site Scripting Vulnerability in Chatra Live Chat Product by Chatra

CVE-2025-24735

What is CVE-2025-24735?

A vulnerability allowing for stored cross-site scripting (XSS) has been identified in the Chatra Live Chat + ChatBot + Cart Saver product. This issue results from improper handling of user input, which can enable attackers to inject malicious scripts that execute in the context of users' browsers. This vulnerability affects all versions up to 1.0.11, posing a risk to the integrity of user sessions and data in the affected product. Users are advised to apply patches and security measures to mitigate potential attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References